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DETAILED ACTION 

Response to Amendment 

This office action is in response to arguments filed on December 06, 2004. Original 
application contained Claims 1-16. Applicant previously added new Claim 17. Applicant 
previously amended Claims 1, 4, and 14-17. Applicant currently amended Claims 1, and 17. 

The amendment filed on December 06, 2004 have been entered and made of record. 
Presently pending claims are 1-17. 

Response to Arguments 
Applicant's arguments filed on December 06, 2004 have been fully considered but they 
are not persuasive because of the following reasons: 

Regarding Claims 1 applicants argued that the cited prior art (CPA) [Matyas et al. U.S. 
Patent No. 5,200,999] at least does not teach, " a first digital signature of the first public key 
based on a private key from the certificate authority, a second digital signature of the second 
public key base don the first private key, and signing data to be transmitted with a third digital 
signature " and also does not disclose that ''wherein first private key, second private key, and 
the private key from the certificate authority have different values ", and "disposable key". 

This is not found persuasive. Cited prior art teaches a method of managing public key 
cryptographic system in data processing system using as system master key private and public 
key pair of commutative asymmetric cryptographic algorithm that includes two pairs, each 
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containing a public key and a private key in the data processing system, for use with respective 
public key algorithm. A private control vector is then assigned for the private keys for defining 
permitted uses for the two keys. A private key record is formed which includes the both second 
private keys, and the private key record is encrypted, under a first master key expression which is 
a function of the private control vector. A private key token is formed which includes the private 
control vector and the private key record, and the private key token is stored in the data 
processing system. 

Thus, the system provides a method allowing new and expanded key usage to be added to 
architecture, and single consistent method for handling both public and private keys. Users can 
port their public and private keys from one cryptographic system to another. 

As a result, the system and method of cited prior art does implement and teaches a system 
and method of data authentication utilizing a combination of public key cryptography and digital 
signatures 

Applicants clearly have failed to explicitly identify specific claim limitations, which 
would define a patentable distinction over prior arts. 

The examiner is not trying to teach the invention but is merely trying to interpret the claim 
language in its broadest and reasonable meaning. The examiner will not interpret to read 
narrowly the claim language to read exactly from the specification, but will interpret the claim 
language in the broadest reasonable interpretation in view of the specification. Therefore, the 
examiner asserts that CPA does teach or suggest the subject matter broadly recited in 
independent Claims 1, 13-17 and in subsequent dependent Claims 2-12. Accordingly, rejections 
for claims 1-17 are respectfully maintained. 
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Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

a person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

2. Claims 1-17 are rejected under 35 U.S.C. 102(b) as being anticipated by Matyas et al. 
(U.S. Patent 5 5 200,999). 

3. Regarding claim 1 Matyas teaches and describes a method for authenticating transmitted 
data in real time, the method comprising the steps of: 

- generating a master cryptographic key pair, including a first public key and a first 
private key, publishing a first certificate issued by a certificate authority, the first certificate 
including the first public key and a first digital signature of the first public key based on a private 
key from the certificate authority, generating a disposable cryptographic key pair, including a 
second public key and second private key, generating a second certificate, the second certificate 
including the second public key and a second digital signature of the second public key based on 
the first private key (col.12 line 28 to col.13 line 9, col.68 line 15 to line 55, and col.129 line 4 to 
line 14); 

- publishing the second certificate, signing data to be transmitted with a third digital 
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signature by processing the data to be transmitted through a first one way hashing function to 
generate a first hash value and encrypting the first hash value utilizing the second private key, 
processing received data through the first one way hashing function to create a second hash 
value, decrypting the received third digital signature utilizing the second public key to obtain a 
third hash value, and verifying authenticity of the data by comparing the second hash value to the 
third hash value wherein the first private key, the second private key, and the private key from 
the certificate authority have different values (col.24 line 43 to col.26 line 14). 

4. Regarding claim 13 Matyas teaches and describes a method for digitally signing data in 

real time, the method comprising the steps 

of: 

- generating a master key pair including a first public key and a first private key, 
publishing a first certificate, the first certificate including the first public key and 

a first digital signature based on a key pair of a certificate authority', generating a disposable key 
pair, the disposable key pair including a second public key and a second private key, and wherein 
the disposable key pair is shorter than the master key pair, generating a second certificate, the 
second certificate including the second public key and a second digital signature based on the 
master key pair (col. 12 line 28 to col.l31ine 9); 

- dividing the data to be signed into packets, for each packet of data, computing a hash 
value based on the data in that data packet utilizing a one way hashing function, encrypting the 
hash value utilizing the second private key as the encryption key, and coupling each encrypted 
hash value with its corresponding data packet (col.24 line 43 to col.26 line 14). 
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5. Regarding claim 14 Matyas teaches and describes a method for verifying digitally signed 
data in real time, the method comprising 

the steps of: 

- processing a data portion of the digitally signed data through a one way 

hashing function to obtain a first hash value for each packet of digitally signed data, verifying a 
contents of a first certificate issued by a certificate authority utilizing a public key issued by the 
certificate authority, the first certificate including a first public key of along master key pair 
(col.24 line 43 to col.26 line 14); 

- verifying a contents of a second certificate issued by a sender of the data 

utilizing the first public key from the first certificate, the second certificate including a second 
public key of a short disposable key pair that is shorter than the long master key pair, decrypting 
a digital signature portion of the digitally signed data utilizing the second public key to obtain a 
second hash value; and comparing the first and second hash values (col. 19 line 58 to col.21 line 
45). 

6. Regarding claim 15 Matyas teaches and describes a method for digitally signing data in 
real time, the method comprising the steps of: 

- generating a disposable key pair, the disposable key pair including a short public 

key and a short private key, publishing the short public key and a digital signature of the public 
key based on a long private key longer than the short private key, dividing data to be signed into 
packets, for each packet of data, computing a hash value based on the data in the data packet 
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utilizing a one way hashing function, encrypting the hash value utilizing the short private key, 
and coupling each encrypted hash value with its corresponding data packet (col. 7 line 18 to col. 8 
line 15, and col.19 line 58 to col.21 line 45). 

7. Regarding claim 16 Matyas teaches and describes a method for verifying digitally signed 
data in real time, the method comprising the steps of: 

- processing a data portion of the digitally signed data through a one way 

hashing function to obtain a first hash value for each packet of digitally signed data, decrypting a 
digital signature portion of the digitally signed data utilizing a published short public key to 
obtain a second hash value, and comparing the first and second hash values, and verifying a 
digital signature of the short public key based on a long public key, wherein the short public key 
is shorter than the long public key (col.6 line 4 to line 14, and col.24 line 43 to col.26 line 14). 

8. Regarding claim 17 Matyas teaches and describes a method for verifying digitally signed 
data in real time, the method comprising the steps of: 

- receiving a data packet including an unencrypted data portion and a digital signature 
portion, generating a first hash value by processing the received unencrypted data portion 
through a one way hashing function, and decrypting the received digital signature utilizing a first 
public key to obtain a second hash value; verifying the digitally signed data by comparing the 
first hash value to the second hash value, and verifying the first public key based on a digital 
signature of a second public key issued by a certificate authority and having a different value 
than the first public key (col.6 line 4 to line 14,and col.24 line 43 to col.26 line 14). 
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9. Claims 2-12 are rejected applied as above in rejecting claim 1 . Furthermore, Matyas 
teaches an authentication the method for authenticating transmitted data in real time wherein - 

- the step of generating a master key pair comprises creating long first public and 
private keys (col.7 line 18 to col. 8 line 15); 

- the first certificate further includes an identification of a sender and an identification of 
a certificate authority issuing the first certificate (col.2 line 47 to col.3 line 30); 

- the first digital signature is produced by processing information representing the 
identification of the sender, the identification of the certificate authority issuing the first 
certificate and the first public key through a second one way hashing function to create a fourth 
hash value; and encrypting the fourth hash value utilizing the private key from the certificate 
authority issuing the first certificate to create the first digital signature (col. 19 line 59 to col.2 1 
line 45); 

- the step of verifying authenticity of data comprising the first certificate (col. 10 line 
11 to line 32); 

- the step of verifying the authenticity of the data comprising the first certificate 
comprises: decrypting the first digital signature to obtain a fifth hash value utilizing a public key 
issued by the certificate authority issuing first certificate, processing the received information 
representing the identification of the sender, the identification of the certificate authority issuing 
the first certificate and the first public key through the second one way hashing function to create 
a sixth hash value; and comparing the fifth and sixth hash values (col. 19 line 58 to col.2 1 line 
45); 
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- the step of generating a disposable cryptographic key pair comprises generating short 
second public and private keys (col. 7 line 18 to col.8 line 15); 

- the second certificate further includes the identification of the sender and an 
identification of a signing authority issuing the second certificate (col.2 line 47 to col.3 line 30); 

- the second digital signature is produced by processing the data representing the 
identification of the sender, the identification of the signing authority issuing the second 
certificate and the second public key through a one way hashing function to create a seventh hash 
value; and encrypting the seventh hash value utilizing the first private key to create the second 
digital signature (col. 19 line 59 to col.2 1 line 45); 

- the step of verifying the authenticity of the data comprising the second certificate 
(col. 10 line 11 to line 32); 

- the step of verifying the authenticity of the data comprising the second certificate 
comprises decrypting the second digital signature to obtain an eighth hash value utilizing 

the first public key, processing the received data representing the identification of the sender, the 
identification of the signing authority issuing the second certificate and the second public key 
through the third one way hashing function to create a ninth hash value; and comparing the 
eighth and ninth hash values (col. 19 line 58 to col. 21 line 45); 

- dividing the data into packets and signing and authenticating each packet of data in 
accordance with steps (f) through (i) of claim 1 (col.9 line 35 to line 54). 
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Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a), 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed Zia whose telephone number is 571-272-3798. The 
examiner can normally be reached on 9:00 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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